LV0 encryption key cracks current and future PlayStation 3 firmware

It looks like the security of the PlayStation 3 has been cracked wide open. But then again, we’ve thought the same thing in the past and Sony managed to patch those exploits. The latest in the cat-and-mouse game is the release of the LV0 encryption keys for the PS3 console. The guys who discovered these magic strings of characters supposedly intended to keep them a secret, but went public after there was a leak and some black-hats now intend to use them for profit.

The keys are the bottom layer of security when pushing firmware updates to the PS3. With keys in hand, current and future upgrades can be decrypted, altered, and repackaged without the gaming rig putting up a fuss. Our only real beef with the tight security came when Sony removed the ability to install Linux on systems marketed with this option. The availability of these keys should let you install just about whatever you want on your hardware.

This is good cuz the PS3 has yet to be fully utilized. More power, I say, and with the option of a possible PC mod again, yay for full-out gaming on a powerhouse console. Let’s make it just as good as our hacky friend the Dreamcast.

Geohot didn’t release anything before the OtherOS removal, he just showed that it was possible to crack the security in some way on the console. Sony got scared and removed OtherOS in hopes that it would take away most points of attack. That made everyone pissed and more and more devs started to look into the security of the PS3; that’s when those darn piracy dongles showed up, and after that Fail0verflow found the signature keys.

Funny thing is that OtherOS had nothing to do with:
1. Enabling piracy
2. The signature keys getting released

Those happened only because Sony wasn’t implementing their security well enough. I believe that team fail0verflow even said that they wouldn’t have looked for security flaws in the system if OtherOS wasn’t removed, as they only wanted to crack the console so they could get back their beloved Linux.

I agree with some points made above but the main reason Sony decided to remove the OtherOS feature was to prevent mass sales of the hardware to businesses & institutes looking to create an extremely cheap Cell CPU cluster with no intention of buying games, media etc from their services where they make the real money and attract game designers to create and license for their hardware.

Also the GPU was restricted within the OtherOS feature crippling it for anything other than trivial / computational tasks.

You can buy things such as the Progskeet flasher or the E3 Flasher, which is a NAND/NOR flasher and can replace a “bricked” PS3 regardless of which firmware it is on, as long as you made a backup of the original image installed on that hardware. You solder it up to the memory on the motherboard, and if you ever screw up the firmware you can reflash back to whichever backup you created. The best firmware to be on right now is 3.55 Official firmware as it can be exploited with Kmeaw/Rogero firmwares.

The hardware in Slim PS3s shipped from factory with OFW 3.55 and down have the same hardware keys as every single PS3, so it’s technically possible to downgrade even more PS3s that are on OFW 4.30+. The problem is that getting a software exploit in an official firmware on these “cracked” machines is hard as of yet.

The new Slim PS3s CHECH3x+ (500GB top-loading disc drives) have all-new hardware keys and can’t be hacked as of yet. Since future updates have to apply to existing PS3 hardware types, it’s easier to exploit further firmwares for future hardware revisions.

Isn’t this old news? Firstly, geohot published his hack an age ago, in response to Sony removing OtherOS support, which was in response to his comments on the flaws in PS3 security.

Secondly, did nobody see that talk 2 years ago where they completely dissected PS3 security at every level? http://www.youtube.com/watch?v=PR9tFXz4Quc. In this talk they showed you how to extract the private keys in every level of PS3 security due to flaws in the implementation of the encryption layers.

Neither geohot nor fail0verflow broke the lv0 encryption, and in fact if you had even bothered to watch the video that you linked everyone to – or were smart enough to understand it, which you obviously aren’t – you would have seen as much. Geohot and the fail0verflow guys only managed to find keys down to lv1, not lv0. Idiot.

Updated on 25.10.2012, 17:20: Apparently Sony ships the slim version of the PS3 from CECH-30xx onward and the super-slim with lv0.2, which checks a second signature. This would mean that these newer models cannot be cracked in the manner described above.